Commit 4648da41 authored by Matthieu Lamalle's avatar Matthieu Lamalle Committed by Lionel Morin
Browse files

Acl

parent 5ba57f2c
...@@ -38,7 +38,7 @@ RUN git clone "${CONTAINERPILOT_REPO_URL}" "/tmp/orchestrate" \ ...@@ -38,7 +38,7 @@ RUN git clone "${CONTAINERPILOT_REPO_URL}" "/tmp/orchestrate" \
# API messages description # API messages description
ARG MESSAGES_API_REPO_URL=https://gitlab.mim.ovh/EOLE/Zephir/messages-api.git ARG MESSAGES_API_REPO_URL=https://gitlab.mim.ovh/EOLE/Zephir/messages-api.git
ARG MESSAGES_API_REPO_REF=0.0.5-dev ARG MESSAGES_API_REPO_REF=0.0.6-dev
RUN git clone "${MESSAGES_API_REPO_URL}" "/tmp/messages-api" \ RUN git clone "${MESSAGES_API_REPO_URL}" "/tmp/messages-api" \
&& cd /tmp/messages-api \ && cd /tmp/messages-api \
...@@ -47,13 +47,12 @@ RUN git clone "${MESSAGES_API_REPO_URL}" "/tmp/messages-api" \ ...@@ -47,13 +47,12 @@ RUN git clone "${MESSAGES_API_REPO_URL}" "/tmp/messages-api" \
# Common python Zéphir library # Common python Zéphir library
ARG PYTHON_ZEPHIR_REPO_URL=https://gitlab.mim.ovh/EOLE/Zephir/python-zephir.git ARG PYTHON_ZEPHIR_REPO_URL=https://gitlab.mim.ovh/EOLE/Zephir/python-zephir.git
ARG PYTHON_ZEPHIR_REPO_REF=0.0.2-dev ARG PYTHON_ZEPHIR_REPO_REF=0.0.3-dev
RUN git clone "${PYTHON_ZEPHIR_REPO_URL}" "/tmp/python-zephir" \ RUN git clone "${PYTHON_ZEPHIR_REPO_URL}" "/tmp/python-zephir" \
&& cd /tmp/python-zephir \ && cd /tmp/python-zephir \
&& git checkout "${PYTHON_ZEPHIR_REPO_REF}" && git checkout "${PYTHON_ZEPHIR_REPO_REF}"
#### ####
#### Target layer #### Target layer
#### ####
...@@ -64,7 +63,7 @@ MAINTAINER Pôle EOLE <eole@ac-dijon.fr> ...@@ -64,7 +63,7 @@ MAINTAINER Pôle EOLE <eole@ac-dijon.fr>
# Packages required for working service # Packages required for working service
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update -y && apt-get install -y \ RUN apt-get update -y && apt-get install -y \
gnupg \ gnupg \
jq \ jq \
locales \ locales \
openssl \ openssl \
...@@ -76,6 +75,7 @@ RUN apt-get update -y && apt-get install -y \ ...@@ -76,6 +75,7 @@ RUN apt-get update -y && apt-get install -y \
python3-psycopg2 \ python3-psycopg2 \
python3-requests \ python3-requests \
python3-yaml \ python3-yaml \
python3-pip \
sqitch \ sqitch \
tzdata tzdata
...@@ -95,6 +95,9 @@ ENV LC_ALL fr_FR.UTF-8 ...@@ -95,6 +95,9 @@ ENV LC_ALL fr_FR.UTF-8
RUN ln -fs /usr/share/zoneinfo/Europe/Paris /etc/localtime RUN ln -fs /usr/share/zoneinfo/Europe/Paris /etc/localtime
RUN dpkg-reconfigure --frontend noninteractive tzdata RUN dpkg-reconfigure --frontend noninteractive tzdata
RUN pip3 install casbin
# Sqitch # Sqitch
RUN sqitch config --user user.name 'Equipe EOLE'\ RUN sqitch config --user user.name 'Equipe EOLE'\
&& sqitch config --user user.email 'eole@ac-dijon.fr' && sqitch config --user user.email 'eole@ac-dijon.fr'
...@@ -115,6 +118,7 @@ COPY --from=build /tmp/orchestrate/${services_conf_filename}.ctmpl ${services_co ...@@ -115,6 +118,7 @@ COPY --from=build /tmp/orchestrate/${services_conf_filename}.ctmpl ${services_co
# Install libraries required by service # Install libraries required by service
COPY --from=build /tmp/python-zephir/zephir /usr/lib/python3/dist-packages/zephir COPY --from=build /tmp/python-zephir/zephir /usr/lib/python3/dist-packages/zephir
COPY --from=build /tmp/python-zephir/acl /etc/acl
COPY --from=build /tmp/messages-api/messages /srv/messages COPY --from=build /tmp/messages-api/messages /srv/messages
# Manage container with ContainerPilot # Manage container with ContainerPilot
...@@ -133,3 +137,4 @@ COPY src/python/server /usr/lib/python3/dist-packages/server ...@@ -133,3 +137,4 @@ COPY src/python/server /usr/lib/python3/dist-packages/server
RUN mkdir -p /srv/bin RUN mkdir -p /srv/bin
COPY scripts/* /srv/bin/ COPY scripts/* /srv/bin/
COPY migrations /migrations COPY migrations /migrations
COPY acl/* /etc/acl/
\ No newline at end of file
[request_definition]
r = sub, obj, act
[policy_definition]
p = sub, obj, act
[role_definition]
g = _, _
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
\ No newline at end of file
p, admin, server/*, create p, admin, v1.server.create, allowed
p, admin, server/*, describe p, admin, v1.server.update, allowed
p, admin, server/*, delete p, admin, v1.server.delete, allowed
p, admin, server/*, update
p, user, server/*, describe p, admin, v1.serverselection.create, allowed
p, admin, v1.serverselection.update, allowed
p, admin, v1.serverselection.delete, allowed
p, admin, v1.serverselection.server.add, allowed
p, admin, v1.serverselection.server.remove, allowed
p, admin, v1.serverselection.user.add, allowed
p, admin, v1.serverselection.user.remove, allowed
p, admin, v1.serverselection.user.update, allowed
p, manager, v1.server.exec.deploy, allowed
p, manager, v1.server.exec.command, allowed
p, manager, v1.server.peering-conf.get, allowed
p, manager, v1.server.exec.list, allowed
p, manager, v1.server.exec.describe, allowed
p, manager, v1.serverselection.exec.deploy, allowed
p, manager, v1.serverselection.exec.command, allowed
p, viewer, v1.server.list, allowed
p, viewer, v1.server.describe, allowed
p, viewer, v1.server.config.get, allowed
p, viewer, v1.serverselection.list, allowed
p, viewer, v1.serverselection.describe, allowed
g, owner, admin g, owner, admin
g, admin, manager
g, manager, viewer
...@@ -21,7 +21,7 @@ CREATE TABLE ServerSelection ( ...@@ -21,7 +21,7 @@ CREATE TABLE ServerSelection (
ServerSelectionId SERIAL PRIMARY KEY, ServerSelectionId SERIAL PRIMARY KEY,
ServerSelectionName VARCHAR(255) NOT NULL, ServerSelectionName VARCHAR(255) NOT NULL,
ServerSelectionDescription VARCHAR(255) NOT NULL, ServerSelectionDescription VARCHAR(255) NOT NULL,
ServerSelectionServersId INTEGER [], ServerSelectionServersId INTEGER [] DEFAULT '{}',
ServerSelectionUsers hstore, ServerSelectionUsers hstore,
Dynamique BOOLEAN NOT NULL, Dynamique BOOLEAN NOT NULL,
Requete VARCHAR(255) Requete VARCHAR(255)
......
...@@ -22,7 +22,7 @@ from server.serverselection.lib import ServerSelection ...@@ -22,7 +22,7 @@ from server.serverselection.lib import ServerSelection
from server.serverselection.error import (ServerSelectionError, from server.serverselection.error import (ServerSelectionError,
ServerSelectionErrorDatabaseNotAvailable, ServerSelectionErrorDatabaseNotAvailable,
ServerSelectionErrorDbConnection, ServerSelectionErrorDbConnection,
ServerSelectionErrorInvalidServerSelectionId, ServerSelectionErrorInvalidServerSelectionId,
ServerSelectionErrorServerSelectionNameNotProvided, ServerSelectionErrorServerSelectionNameNotProvided,
ServerSelectionErrorUnknownServerSelectionId, ServerSelectionErrorUnknownServerSelectionId,
ServerSelectionErrorDuplicateServerSelectionName, ServerSelectionErrorDuplicateServerSelectionName,
...@@ -43,11 +43,75 @@ class ServerRunner(ZephirCommonController): ...@@ -43,11 +43,75 @@ class ServerRunner(ZephirCommonController):
self.serverselection = ServerSelection() self.serverselection = ServerSelection()
self.conn = None self.conn = None
# GET ROLE
def get_profil_for_server(self, cursor, uri, message_arguments):
if 'serverid' in message_arguments:
server_id = message_arguments['serverid']
if 'server_id' in message_arguments:
server_id = message_arguments['server_id']
if '_session_user' not in message_arguments:
return 'root'
else:
profils = self._get_serverselection_user_server_role(cursor, server_id, message_arguments['_session_user']['username'])
for profil in profils:
if 'role' in profil:
role = profil['role']
if self.policy.enforce(role, uri, 'allowed'):
return role
return None
def get_profil_for_serverselection(self, cursor, uri, message_arguments):
serverselection_id = message_arguments['serverselectionid']
if '_session_user' not in message_arguments:
return 'root'
else:
if message_arguments['_session_user']['profil'] == 'root':
role = message_arguments['_session_user']['profil']
else:
profil = self._get_serverselection_user_role(cursor, serverselection_id, message_arguments['_session_user']['username'])
if not 'role' in profil:
return None
role = profil['role']
if self.policy.enforce(role, uri, 'allowed'):
return role
return None
def get_profil_for_all(self, cursor, uri, message_arguments):
server_ok = False
serverselection_ok = False
server_role = self.get_profil_for_server(cursor, uri, message_arguments)
if server_role is None :
return None
for role in server_role:
if self.policy.enforce(role, uri, 'allowed'):
server_ok = True
if not server_ok:
return None
serverselection_role = self.get_profil_for_serverselection(cursor, uri, message_arguments)
if serverselection_role is None :
return None
for role in serverselection_role:
if self.policy.enforce(role, uri, 'allowed'):
serverselection_ok = True
if not serverselection_ok:
return None
return role
@register_wamp('v1.server.list', notification_uri=None, database=True) @register_wamp('v1.server.list', notification_uri=None, database=True)
async def list_servers(self, cursor): async def list_servers(self, cursor, _session_user):
try: try:
return self.server.list_servers(cursor) if _session_user['profil'] == 'root':
return self.server.list_servers(cursor)
else:
ret = []
for server_id in self._list_user_servers(cursor, _session_user).get('serverselectionserversid', []):
ret.append(self._describe_server(cursor, server_id, False, False))
return ret
except ServerErrorDatabaseNotAvailable as err: except ServerErrorDatabaseNotAvailable as err:
raise ApplicationError('server.error.database-not-available', reason=str(err)) raise ApplicationError('server.error.database-not-available', reason=str(err))
...@@ -57,14 +121,16 @@ class ServerRunner(ZephirCommonController): ...@@ -57,14 +121,16 @@ class ServerRunner(ZephirCommonController):
except ServerError as err: except ServerError as err:
raise ApplicationError('server.error', reason=str(err)) raise ApplicationError('server.error', reason=str(err))
@register_wamp('v1.server.describe', notification_uri=None, database=True) @register_wamp('v1.server.describe', notification_uri=None, database=True, profil_adapter='get_profil_for_server')
async def describe_server(self, cursor, serverid, configuration): async def describe_server(self, cursor,_session_user, serverid, configuration):
return self._describe_server(cursor, serverid, configuration, True)
def _describe_server(self, cursor, serverid, configuration, environment):
try: try:
server = self.server.describe_server(cursor, serverid) server = self.server.describe_server(cursor, serverid, environment)
if configuration: if configuration:
server['configuration'] = serverid server['configuration'] = serverid
return server return server
except ServerErrorDatabaseNotAvailable as err: except ServerErrorDatabaseNotAvailable as err:
raise ApplicationError('server.error.database-not-available', reason=str(err)) raise ApplicationError('server.error.database-not-available', reason=str(err))
except ServerErrorDbConnection as err: except ServerErrorDbConnection as err:
...@@ -84,6 +150,7 @@ class ServerRunner(ZephirCommonController): ...@@ -84,6 +150,7 @@ class ServerRunner(ZephirCommonController):
else: else:
return b'{}' return b'{}'
#FIXME a supprimer, cf server.describe avec configuration=True
@register_wamp('v1.server.config.get', notification_uri=None, database=True) @register_wamp('v1.server.config.get', notification_uri=None, database=True)
async def get_config(self, cursor, serverid): async def get_config(self, cursor, serverid):
return {'configuration': serverid} return {'configuration': serverid}
...@@ -95,6 +162,7 @@ class ServerRunner(ZephirCommonController): ...@@ -95,6 +162,7 @@ class ServerRunner(ZephirCommonController):
return json.dumps(values).encode() return json.dumps(values).encode()
else: else:
return b'{}' return b'{}'
#FIXME END
@register_wamp('v1.server.create', notification_uri='v1.server.created', database=True) @register_wamp('v1.server.create', notification_uri='v1.server.created', database=True)
async def create_server(self, cursor, _session_user, servername, serverdescription, servermodelid, serverpassphrase): async def create_server(self, cursor, _session_user, servername, serverdescription, servermodelid, serverpassphrase):
...@@ -125,8 +193,8 @@ class ServerRunner(ZephirCommonController): ...@@ -125,8 +193,8 @@ class ServerRunner(ZephirCommonController):
except ServerError as err: except ServerError as err:
raise ApplicationError('server.error', reason=str(err)) raise ApplicationError('server.error', reason=str(err))
@register_wamp('v1.server.update', notification_uri='v1.server.updated', database=True) @register_wamp('v1.server.update', notification_uri='v1.server.updated', database=True, profil_adapter='get_profil_for_server')
async def update_server(self, cursor, serverid, servername, serverdescription): async def update_server(self, cursor, _session_user, serverid, servername, serverdescription):
try: try:
return self.server.update_server(cursor, serverid, servername, serverdescription) return self.server.update_server(cursor, serverid, servername, serverdescription)
...@@ -143,10 +211,11 @@ class ServerRunner(ZephirCommonController): ...@@ -143,10 +211,11 @@ class ServerRunner(ZephirCommonController):
except ServerError as err: except ServerError as err:
raise ApplicationError('server.error', reason=str(err)) raise ApplicationError('server.error', reason=str(err))
@register_wamp('v1.server.delete', notification_uri='v1.server.deleted', database=True) @register_wamp('v1.server.delete', notification_uri='v1.server.deleted', database=True, profil_adapter='get_profil_for_server')
async def delete_server(self, cursor, serverid): async def delete_server(self, cursor,_session_user, serverid):
try: try:
return self.server.delete_server(cursor, serverid) return self.server.delete_server(cursor, serverid)
except ServerErrorDatabaseNotAvailable as err: except ServerErrorDatabaseNotAvailable as err:
raise ApplicationError('server.error.database-not-available', reason=str(err)) raise ApplicationError('server.error.database-not-available', reason=str(err))
except ServerErrorDbConnection as err: except ServerErrorDbConnection as err:
...@@ -158,11 +227,12 @@ class ServerRunner(ZephirCommonController): ...@@ -158,11 +227,12 @@ class ServerRunner(ZephirCommonController):
except ServerError as err: except ServerError as err:
raise ApplicationError('server.error', reason=str(err)) raise ApplicationError('server.error', reason=str(err))
@register_wamp('v1.server.peering-conf.get', notification_uri='v1.server.peering-conf.sent') @register_wamp('v1.server.peering-conf.get', notification_uri='v1.server.peering-conf.sent', database=True, profil_adapter='get_profil_for_server')
async def get_peering_conf(self, serverid): async def get_peering_conf(self, cursor, _session_user, serverid):
try: try:
secret = await self.call('v1.vault.secret.get', secretkey="{}_peeringconf".format(serverid)) secret = await self.call('v1.vault.secret.get', secretkey="{}_peeringconf".format(serverid))
return secret['secret'] return secret['secret']
except ServerErrorPeeringConfNotAvailable as err: except ServerErrorPeeringConfNotAvailable as err:
raise ApplicationError('server.error.peering-conf-not-available', reason=str(err)) raise ApplicationError('server.error.peering-conf-not-available', reason=str(err))
except ServerError as err: except ServerError as err:
...@@ -188,11 +258,8 @@ class ServerRunner(ZephirCommonController): ...@@ -188,11 +258,8 @@ class ServerRunner(ZephirCommonController):
raise ApplicationError('server.registering.error', raise ApplicationError('server.registering.error',
reason=str(err)) reason=str(err))
@register_wamp('v1.server.exec.command', notification_uri='v1.server.executed', database=True) @register_wamp('v1.server.exec.command', notification_uri='v1.server.executed', database=True, profil_adapter='get_profil_for_server')
async def exec_cmd_on_server(self, cursor, server_id, command): async def exec_cmd_on_server(self, cursor,_session_user, server_id, command):
return await self._exec_cmd_on_server(cursor, server_id, command)
async def _exec_cmd_on_server(self, cursor, server_id, command):
""" """
Transfer command transmitted to automation (salt, ...) Transfer command transmitted to automation (salt, ...)
""" """
...@@ -230,8 +297,8 @@ class ServerRunner(ZephirCommonController): ...@@ -230,8 +297,8 @@ class ServerRunner(ZephirCommonController):
dico['return'] = result['return'] dico['return'] = result['return']
return dico return dico
@register_wamp('v1.server.exec.list', notification_uri=None, database=True) @register_wamp('v1.server.exec.list', notification_uri=None, database=True, profil_adapter='get_profil_for_server')
async def exec_job_on_server(self, cursor, server_id): async def exec_job_on_server(self, cursor,_session_user, server_id):
automation, automation_command = self.server.get_automation_command(cursor, server_id) automation, automation_command = self.server.get_automation_command(cursor, server_id)
if automation == 'salt': if automation == 'salt':
results = await self.call('v1.execution.salt.job.list', results = await self.call('v1.execution.salt.job.list',
...@@ -298,10 +365,10 @@ class ServerRunner(ZephirCommonController): ...@@ -298,10 +365,10 @@ class ServerRunner(ZephirCommonController):
except ServerError as err: except ServerError as err:
raise ApplicationError('server.error', reason=str(err)) raise ApplicationError('server.error', reason=str(err))
@register_wamp('v1.serverselection.list', notification_uri=None, database=True) def _list_user_servers(self, cursor, _session_user):
async def list_serverselections(self, cursor):
try: try:
return self.serverselection.list_serverselections(cursor) username = _session_user['username']
return self.serverselection.list_user_servers(cursor, username)
except ServerSelectionErrorDatabaseNotAvailable as err: except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err)) raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
...@@ -310,49 +377,70 @@ class ServerRunner(ZephirCommonController): ...@@ -310,49 +377,70 @@ class ServerRunner(ZephirCommonController):
except ServerSelectionError as err: except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err)) raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.describe', notification_uri=None, database=True) @register_wamp('v1.serverselection.list', notification_uri=None, database=True)
async def describe_serverselection(self, cursor, serverselectionid): async def list_serverselections(self, cursor, _session_user):
try: try:
return self.serverselection.describe_serverselection(cursor, serverselectionid) if _session_user['profil'] == 'root':
return self.serverselection.list_serverselections(cursor)
else:
return self._list_user_serverselections(cursor, _session_user)
except ServerSelectionErrorDatabaseNotAvailable as err: except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err)) raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
except ServerSelectionErrorDbConnection as err: except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err)) raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionErrorInvalidServerSelectionId as err:
raise ApplicationError('serverselection.error.invalid_server_id', reason=str(err))
except ServerSelectionErrorUnknownServerSelectionId as err:
raise ApplicationError('serverselection.error.unknown_server_id', reason=str(err))
except ServerSelectionError as err: except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err)) raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.user.list', notification_uri=None, database=True) @register_wamp('v1.serverselection.user.list', notification_uri=None, database=True)
async def list_user_serverselections(self, cursor, _session_user): async def list_user_serverselections(self, cursor, _session_user):
return self._list_user_serverselections(cursor, _session_user)
def _list_user_serverselections(self, cursor, _session_user):
try: try:
serverselectionuser = _session_user['username'] username = _session_user['username']
return self.serverselection.list_user_serverselections(cursor, serverselectionuser) return self.serverselection.list_user_serverselections(cursor, username)
except ServerSelectionErrorDatabaseNotAvailable as err: except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err)) raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
except ServerSelectionErrorDbConnection as err: except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err)) raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionError as err: except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err)) raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.describe', notification_uri=None, database=True, profil_adapter='get_profil_for_serverselection')
async def describe_serverselection(self, cursor, _session_user, serverselectionid):
return self._describe_serverselection(cursor, _session_user, serverselectionid)
def _describe_serverselection(self, cursor, _session_user, serverselectionid):
try:
return self.serverselection.describe_serverselection(cursor, serverselectionid)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionErrorInvalidServerSelectionId as err:
raise ApplicationError('serverselection.error.invalid_server_id', reason=str(err))
except ServerSelectionErrorUnknownServerSelectionId as err:
raise ApplicationError('serverselection.error.unknown_server_id', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.user.default', notification_uri=None, database=True) @register_wamp('v1.serverselection.user.default', notification_uri=None, database=True)
async def default_user_serverselection(self, cursor, _session_user): async def default_user_serverselection(self, cursor, _session_user):
return self._default_user_serverselection(cursor, _session_user) return self._default_user_serverselection(cursor, _session_user)
def _default_user_serverselection(self, cursor, _session_user): def _default_user_serverselection(self, cursor, _session_user):
try: try:
serverselectionuser = _session_user['username'] username = _session_user['username']
return self.serverselection.default_user_serverselection(cursor, serverselectionuser) return self.serverselection.default_user_serverselection(cursor, username)
except ServerSelectionEmptyRecordDatabaseError as err: except ServerSelectionEmptyRecordDatabaseError as err:
serverselectionname = serverselectionuser + "_DEFAULT" serverselectionname = username + "_DEFAULT"
serverselectiondescription = serverselectionuser + " server selection" serverselectiondescription = username + " server selection"
self.serverselection.create_serverselection(cursor, serverselectionname, serverselectiondescription, serverselectionuser) self._create_default_user_serverselection(cursor, serverselectionname, serverselectiondescription, username)
return self.serverselection.default_user_serverselection(cursor, serverselectionuser) return self.serverselection.default_user_serverselection(cursor, username)
except ServerSelectionErrorDatabaseNotAvailable as err: except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err)) raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
...@@ -361,40 +449,45 @@ class ServerRunner(ZephirCommonController): ...@@ -361,40 +449,45 @@ class ServerRunner(ZephirCommonController):
except ServerSelectionError as err: except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err)) raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.user.server.list', notification_uri=None, database=True) def _create_default_user_serverselection(self, cursor, serverselectionname, serverselectiondescription, username):
async def list_user_servers(self, cursor, _session_user):
try: try:
serverselectionuser = _session_user['username'] return self.serverselection.create_serverselection(cursor, serverselectionname, serverselectiondescription, username)
return self.serverselection.list_user_servers(cursor, serverselectionuser)
except ServerSelectionErrorDatabaseNotAvailable as err: except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err)) raise ApplicationError('serverselection.error.database-not-available', reason=str(err))
except ServerSelectionErrorDbConnection as err: except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err)) raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionErrorDuplicateServerSelectionName as err:
raise ApplicationError('serverselection.static.create.error.duplicate_serverselection', reason=str(err))
except ServerSelectionError as err: except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err)) raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.create', notification_uri=None, database=True) @register_wamp('v1.serverselection.create', notification_uri=None, database=True)
async def create_serverselection(self, cursor, serverselectionname, serverselectiondescription, _session_user): async def create_serverselection(self, cursor, serverselectionname, serverselectiondescription, _session_user):
try: try:
serverselectionuser = _session_user['username'] if _session_user['profil'] in ['root', 'admin'] or ('_DEFAULT' not in serverselectionname and _session_user['profil'] not in ['root', 'admin']):
return self.serverselection.create_serverselection(cursor, serverselectionname, serverselectiondescription, serverselectionuser) username = _session_user['username']
return self.serverselection.create_serverselection(cursor, serverselectionname, serverselectiondescription, username)
else:
raise Exception(_('Unable to create _DEFAULT serverselection'))
except ServerSelectionErrorDatabaseNotAvailable as err: except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database-not-available', reason=str(err)) raise ApplicationError('serverselection.error.database-not-available', reason=str(err))
except ServerSelectionErrorDbConnection as err: except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err)) raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionErrorDuplicateServerSelectionName as err: except ServerSelectionErrorDuplicateServerSelectionName as err:
raise ApplicationError('serverselection.static.create.error.duplicate_serverselection', reason=str(err)) raise ApplicationError('serverselection.static.create.error.duplicate_serverselection', reason=str(err))
except ServerSelectionError as err: except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err)) raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.update', notification_uri=None, database=True) @register_wamp('v1.serverselection.update', notification_uri=None, database=True, profil_adapter='get_profil_for_serverselection')
async def update_serverselection(self, cursor, serverselectionid, serverselectionname, serverselectiondescription, dynamique, requete): async def update_serverselection(self, cursor,_session_user, serverselectionid, serverselectionname, serverselectiondescription, dynamique, requete):
try: try:
return self.serverselection.update_serverselection(cursor, serverselectionid, serverselectionname, serverselectiondescription, dynamique, requete)